[CentOS] CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
Jobst Schmalenbach
jobst at barrett.com.au
Wed Jan 16 02:04:06 UTC 2019
On Tue, Jan 15, 2019 at 07:43:02AM +0000, Phil Perry (pperry at elrepo.org) wrote:
> On 15/01/2019 01:29, Jobst Schmalenbach wrote:
> > On Mon, Jan 14, 2019 at 07:29:45AM +0000, Phil Perry (pperry at elrepo.org) wrote:
> > > On 14/01/2019 07:09, Jobst Schmalenbach wrote:
> Below is my script for creating/updating an ipset to block my top 10
> Hope that helps
Thanks, it did, cleared up conflicting info I found on the Internet.
I also wanted to go the "other way": disallow everything but 2 countries (AU,NZ).
There are even more conflicting ideas about how to do this, but I figured it out.
Also I cannot see a difference in speed between using (maxmind)
-A filter_countries -m geoip --src-cc AU,NZ -j ACCEPT
and (ipdeny)
-A filter_countries -m set --set au.geoblock src -j ACCEPT
which is really good!
Jobst
--
The future isn't what it used to be (it never was).
| |0| | Jobst Schmalenbach, General Manager
| | |0| Barrett & Sales Essentials
|0|0|0| +61 3 9533 0000, POBox 277, Caulfield South, 3162, Australia
More information about the CentOS
mailing list